Chapter 2 - Learning Objectives Upon completion of this...

Info iconThis preview shows pages 1–10. Sign up to view the full content.

View Full Document Right Arrow Icon
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 3rd Edition 2 Recognize that organizations have a business need for information security Understand that a successful information security program is the responsibility of both an organization’s general management and IT management Identify the threats posed to information security and the more common attacks associated with those threats, and differentiate threats to the information within systems from attacks against the information within systems Describe the issues facing software developers, as well as the most common errors made by developers, and explain how software development programs can create software that is more secure and reliable Learning Objectives Upon completion of this material, you should be able to:
Background image of page 2
Principles of Information Security, 3rd Edition 3 Introduction Primary mission of information security is to ensure systems and contents stay the same If no threats, could focus on improving systems, resulting in vast improvements in ease of use and usefulness Attacks on information systems are a daily occurrence
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 3rd Edition 4 Business Needs First Information security performs four important functions for an organization Protects ability to function Enables safe operation of applications implemented on its IT systems Protects data the organization collects and uses Safeguards technology assets in use
Background image of page 4
Principles of Information Security, 3rd Edition 5 Protecting the Functionality of an Organization Management (general and IT) responsible for implementation Information security is both management issue and people issue Organization should address information security in terms of business impact and cost
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 3rd Edition 6 Enabling the Safe Operation of Applications Organization needs environments that safeguard applications using IT systems Management must continue to oversee infrastructure once in place—not defer to IT department
Background image of page 6
Principles of Information Security, 3rd Edition 7 Protecting Data that Organizations Collect and Use Organization, without data, loses its record of transactions and/or ability to deliver value to customers Protecting data in motion and data at rest are both critical aspects of information security
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Principles of Information Security, 3rd Edition 8 Safeguarding Technology Assets in Organizations Organizations must have secure infrastructure services based on size and scope of enterprise Additional security services may be needed as organization expands More robust solutions may be needed to replace security programs the organization has outgrown
Background image of page 8
Principles of Information Security, 3rd Edition 9 Threats Threat: an object, person, or other entity that represents a constant danger to an asset Management must be informed of the different threats facing the organization By examining each threat category, management effectively protects information through policy, education, training, and technology controls
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 10
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 03/31/2010 for the course IS 425 taught by Professor Lemon during the Spring '10 term at University of Maryland Baltimore.

Page1 / 55

Chapter 2 - Learning Objectives Upon completion of this...

This preview shows document pages 1 - 10. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online